FDA-CDRH Issues Guidance on Postmarket Cybersecurity

On December 28, 2016, FDA-CDRH issued a final guidance document entitled Postmarket Management of Cybersecurity in Medical Devices.

The final guidance document provides a framework for manufacturers to monitor, identify, and address cybersecurity vulnerabilities and exploits. Addressing cybersecurity exploits may require modification of the device already shipped. This raises the issue of Part 803 Corrections and Removals. The guidance provides an exception to reporting.